Controlling ecommerce authentication with non-linear analytical models

ABSTRACT

A method of operating a computer system is disclosed. An eCommerce authentication request is received. Content of the eCommerce authentication request is processed through a non-linear analytical model to generate a risk score. The eCommerce authentication request is selectively provided to an authentication node based on the risk score. Related authentication gateway nodes and computer program products are disclosed.

BACKGROUND

The present disclosure relates to financial transaction processingsystems.

Financial transactions relating to purchasing goods and services arepredominately paid for using credit accounts and debit accounts that anaccount owner accesses through associated credit cards and debit cards.Financial transaction processing systems provide verification processesthat allow merchants to verify that account information is valid and theaccount owner has sufficient credit or debit funds to cover thepurchase.

When a purchaser is located at the merchant's facility, the merchant isresponsible for authenticating that the purchaser is the account ownerby, for example, comparing the purchaser's signature to a existingsignature on the card, examining a picture ID of the purchaser, orproviding a password.

For purchases made through a merchant's website and other electroniccommerce (“eCommerce”) transactions (known as a card-not-presenttransactions (CNP)), financial transaction processing systems can useeCommerce authentication processes that challenge the purchaser toprovide a security code that is used to authenticate that the purchaseris the account owner or is otherwise authorized by the account owner.The security code may be a password, personal identification number(PIN), or other information known to the account owner such as a onetime password received through e-mail, etc. Purchasers can findeCommerce authentication processes undesirable due to the need toremember security codes and the requirement to successfully completeadditional process steps for purchases. Merchants can find eCommerceauthentication processes undesirable because of the fees charged for useof such processes and lost sales due to purchasers abandoningtransactions during the eCommerce authentication processes.

SUMMARY

Some embodiments disclosed herein are directed to a method of operatinga computer system. An eCommerce authentication request is received.Content of the eCommerce authentication request is processed through anon-linear analytical model to generate a risk score. The eCommerceauthentication request is selectively provided to an authentication nodebased on the risk score.

Some other embodiments disclosed herein are directed to anauthentication gateway node that includes a processor and a memory. Thememory is coupled to the processor and includes computer readableprogram code that when executed by the processor causes the processor toperform operations. The operations include receiving an eCommerceauthentication request, processing content of the eCommerceauthentication request through a non-linear analytical model to generatea risk score, and selectively providing the eCommerce authenticationrequest to an authentication node based on the risk score.

Some other embodiments disclosed herein are directed to a computerprogram product that includes a computer readable storage medium havingcomputer readable program code embodied in the medium that when executedby a processor of a computer system causes the computer system toperform operations. The operations include receiving an eCommerceauthentication request, processing content of the eCommerceauthentication request through a non-linear analytical model to generatea risk score, and selectively providing the eCommerce authenticationrequest to an authentication node based on the risk score.

Other methods, authentication gateway nodes, and computer programproducts according to embodiments will be or become apparent to one withskill in the art upon review of the following drawings and detaileddescription. It is intended that all such additional methods,authentication gateway nodes, and computer program products be includedwithin this description and protected by the accompanying claims.

BRIEF DESCRIPTION OF THE DRAWINGS

Aspects of the present disclosure are illustrated by way of example andare not limited by the accompanying drawings. In the drawings:

FIG. 1 is a block diagram of a financial transaction processing systemthat includes an authentication gateway node that controls whicheCommerce authentication requests are authenticated by an authenticationnode, in accordance with some embodiments;

FIG. 2 is block diagram illustrating further details of anauthentication portion of the financial transaction processing system ofFIG. 1 configured in accordance with some embodiments;

FIG. 3 is a block diagram of a neural network model that can be used inan authentication gateway node to generate a risk score for an eCommerceauthentication request based on weight values that are adapted usingfeedback, in accordance with some embodiments;

FIGS. 4-10 are flowcharts that illustrate operations that may beperformed by an authentication gateway node to control which eCommerceauthentication requests are authenticated by an authentication node, inaccordance with some embodiments; and

FIG. 11 is a block diagram of a computer system that may be incorporatedinto various components of the system of FIGS. 1-3, in accordance withsome embodiments.

DETAILED DESCRIPTION

Various embodiments will be described more fully hereinafter withreference to the accompanying drawings. Other embodiments may take manydifferent forms and should not be construed as limited to theembodiments set forth herein. Like numbers refer to like elementsthroughout.

FIG. 1 is a block diagram of a financial transaction processing systemthat includes an authentication gateway node 100 (e.g., a computersystem, computer server or program code executed by another nodedisclosed herein) that controls which eCommerce authentication requestsare authenticated by an authentication node 130 in accordance with someembodiments. Although some embodiments are described in the context ofauthenticating credit card and/or debit card transactions for purchasesmade through a merchant's node 120 (e.g., merchant's eCommerce Webserver), the embodiments disclosed herein are not limited thereto andcan be used with other types of authentication processes.

Referring to FIG. 1, a person who is purchasing an item (purchaser)operates a user terminal 110 to select items to be purchased, and enters(e.g., types, electronically scans, etc.) financial account information(also referred to as “account information”) that can include an accountnumber (e.g., credit card number and/or debit card number) and mayfurther include any one or more of: customer name; account verificationinformation; cardholder's name; an expiration date for the card; a cardverification value (CVV); the cardholder's home address; and thepurchaser's shipping address. The entered financial account informationis communicated by the user terminal 110 to the merchant node 120. Theuser terminal 110 may be any electronic device that can communicate witha merchant node 120 including, but not limited to, a tablet computer,desktop computer, laptop computer, smart phone, a point-of-sale merchantterminal, etc.

Because of the prevalence of fraud occurring in eCommerce and othercard-not-present financial transactions, where merchants cannot directlyauthenticate purchasers using picture IDs, electronic authenticationprocesses have been introduced to authenticate purchasers. Electronicauthentication processes can be performed by an authentication node 130to attempt to confirm that the purchaser is an account owner or isotherwise authorized by the account owner.

If the merchant node 120 is registered for use of electronicauthentication processes, the merchant node 120 generates an eCommerceauthentication request that can contain as content items (also referredto as “items of content”) that can include any one or more of:

-   -   1) account number (e.g., credit/debit card number);    -   2) expiration date for the card;    -   3) verification value (e.g., CVV);    -   4) cardholder's name;    -   5) the cardholder's home address;    -   6) the purchaser's shipping address;    -   7) amount of the financial transaction;    -   8) identifier for the purchaser's user terminal;    -   9) characteristics of the purchaser's user terminal (e.g.,        manufacturer, web browser characteristics, and/or operational        characteristics);    -   10) network address of the purchaser's user terminal;    -   11) geographic region of the purchaser's user terminal;    -   12) identifier for the merchant node 120;    -   13) a geographic region of the merchant node 120;    -   14) identifier for the acquirer node 122;    -   15) time of transaction; and    -   16) date of transaction.

The merchant node 120 communicates the eCommerce authentication requesttoward the authentication node 130 for authentication processing toauthenticate the purchaser. The merchant node 120 may communicate theeCommerce authentication request using a software plug-in provided by aprovider of the authentication node 130. Authentication of the purchasercan include determining whether the purchaser possesses secretinformation that should only be known to the account owner or anotherperson who has been authorized by the account owner to make purchasesusing the account.

As will be explained in further detail below, an authentication gatewaynode 100 is disclosed herein that controls which eCommerceauthentication requests from the merchant node 120 and other merchantnodes 120 cause authentication of purchasers. The authentication gatewaynode 100 may intercept the eCommerce authentication request from themerchant node 120 and determine whether authentication will be performedby the authentication node 130. The authentication gateway node 100 may,for example, selectively either route the eCommerce authenticationrequest to the authentication node 130 for authentication or respond tothe merchant node 120 without authentication by the authentication node130 (e.g., some eCommerce authentication requests bypass theauthentication node 130). Alternatively, the authentication gateway node100 may mark the eCommerce authentication requests to indicate whetherthey are to be authenticated by the authentication node 130 (e.g., alleCommerce authentication requests flow through the authentication node130 but only some cause authentication). These and additional operationsby the authentication gateway node 100 are described in further detailbelow.

Pursuant to one type of authentication process, the authentication node130 communicates an authentication challenge message to the userterminal 110 which requires the purchaser to enter a security code tocomplete the purchase. The entered security code is returned to theauthentication node 130 in a response message. The security code may bea password, personal identification number (PIN), electronic securitytoken, or other secret information known to the account owner.

The authentication node 130 can compare the security code to an expectedcode, and apply one or more rules which may be defined by the cardissuing bank (referred to more generally as the credit/debit financeissuer node below) to generate an authentication response (e.g.,authentication response code) that indicates an outcome of theauthentication process.

One type of authentication process is known as a 3-D Secure protocolthat can be performed by the authentication node 130 operating as a 3-DSecure authentication server. The 3-D Secure protocol was developed byfinancial card associations, including Visa and MasterCard, and hasbecome an industry standard. The protocol uses XML messages sent oversecure socket layer (SSL) connections between user terminal 110 or otherclient authentication terminals and the authentication node 130, whichcan also be referred to as an access control server (ACS). Theauthentication challenge can be presented through the user terminal 110to the purchaser within the same web browser window as an in-linesession (referred to as an inframe authentication session) or can bepresented in a separate window (e.g., pop-up window).

An advantage to merchants of using purchaser authentication is areduction in “unauthorized transaction” chargebacks. A disadvantage tomerchants is that they pay a software setup fee, monthly fee, andper-authentication fee for use of the 3-D Secure access control serverprovided by the authentication node 130. Moreover, 3-D Secure operationcan be complicated and create transaction failures.

Some purchasers view the additional authentication steps as a nuisanceor obstacle to completing transactions and/or they erroneously interpretthe authentication challenge (e.g., pop-up window) as originating from afraudulent phishing site/process, which can result in a substantialincrease in transaction abandonment by the purchaser and lost revenue tomerchants. Some 3-D Secure authentication processes require thepurchaser to complete an authentication registration process for thecardholder's financial account, including agreeing to all terms andconditions presented by 3-D Secure, before the purchaser can proceedwith a purchase. Purchasers who are unwilling to undertake the risk orinconvenience of registering their card during a purchase, are forced toabandon the transaction. Moreover, some user terminals, such as thosehaving mobile web browsers, can lack features (e.g., support for windowframes and/or pop-ups) necessary for proper operation of a 3-D Secureauthentication process.

For these and other reasons, some embodiments disclosed herein aredirected to the authentication gateway node 100 determining risk scoresfor eCommerce authentication requests and selectively providing theeCommerce authentication requests to the authentication node 130 basedon the risk scores. The authentication gateway node 100 can beconfigured to operate on eCommerce authentication requests in-flightbefore being delivered to the authentication node 130, and control basedon the risk scores which of the eCommerce authentication requests areprocessed by the authentication node 130 to authenticate purchasers andgenerate authentication responses based on the outcomes of theauthentication.

In one embodiment, only eCommerce authentication requests having riskscores that satisfy a defined rule are provided to the authenticationnode 130 for authentication processing and generation of theauthentication responses based on the authentication processing, and theother eCommerce authentication requests (having risk scores that do notsatisfy the defined rule) bypass authentication processing by theauthentication node 130. When bypassing authentication processing by theauthentication node 130, the authentication gateway node 100 maygenerate an authentication response based on the risk score for theeCommerce authentication request (e.g., generate an authenticationresponse indicating that the purchaser was properly authenticated) andcommunicate the authentication response to the merchant node 120 as ifit had originated from the authentication node 130. When theauthentication response is generated by the authentication gateway node100, it may contain the same or similar content to an authenticationresponse generated by the authentication node 130 so that the merchantnode 120 is not aware that the authentication response was generatedwithout authentication of the purchaser being performed by theauthentication node 130.

Although the authentication gateway node 100 is shown as being separatefrom the merchant node 120, in some embodiments the authenticationgateway node 100 is incorporated into the merchant node 120 so that atleast some of the operations disclosed herein as being performed by theauthentication gateway node 100 are performed within the merchant node120. Thus for example, the risk scores can be generated internal to themerchant node 120 and used to control when eCommerce authenticationrequests are communicated to the authentication node 130. The merchantnode 120 can use the risk score to selectively send an eCommerceauthentication request to the authentication node 130 for authenticationof the purchaser when the risk score satisfies a defined rule or sendthe financial transaction to the acquirer node 122 and credit/debitfinance issuer node 140 for verification against the cardholder'saccount without authentication of the purchaser by the authenticationnode 130 when the risk score does not satisfy a defined rule.

Similarly, although the authentication gateway node 100 is shown asbeing separate from the authentication node 130, in some embodiments theauthentication gateway node 100 is incorporated into the authenticationnode 130 so that at least some of the operations disclosed herein asbeing performed by the authentication gateway node 100 are performedwithin the authentication node 130. Thus for example, the risk scorescan be generated internal to the authentication node 130 and used tocontrol which of the eCommerce authentication requests causeauthentication challenges to be generated to purchasers.

The authentication response (e.g., 3-D Secure authentication responsecode) can be generated by the authentication node 130, based onauthentication processes performed with the purchaser and/or may begenerated by the authentication gateway node 100 based on the risk score(e.g., without authentication processing by the authentication node 130)and provided to the merchant node 120. The merchant node 120 receivesthe authentication response and may deny the transaction based oncontent of the authentication response (e.g., based on the risk scoregenerated by the authentication gateway node 100 and/or based on theresult of authentication processes by the authentication node). Themerchant node 120 can initiate verification of the transaction bycommunicating to a credit/debit finance issuer node 140, via an acquirernode 122 (e.g., merchant's bank), the authentication response andfinancial transaction information that contains any one or more of theaccount number (e.g., credit/debit card number), the expiration date forthe card, the CVV, the cardholder's name, the cardholder's home address,the purchaser's shipping address, the amount of the financialtransaction, and the identifier for the merchant node 120.

The acquirer node 122 routes the authentication response and thefinancial transaction information to a credit/debit finance issuer node140 (e.g., card issuing bank server such as a Visa or other card servervia VisaNet, BankNet, etc.). The credit/debit finance issuer node 140generates an authorization decision based on whether the accountindicated by the financial transaction information has a sufficientcredit limit and/or existing funds to cover an amount indicated by thefinancial transaction information, and can further generate theauthorization decision based on the authentication response from theauthentication node 130 and/or the authentication gateway node 100.

The credit/debit finance issuer node 140 communicates its authorizationdecision to the acquirer node 122, which communicates an authorizationdecision to the merchant node 120. The merchant node 120 decides whetherto complete the transaction with the purchaser or to deny thetransaction based on the authorization decision from the acquirer node122.

Further example operations by the authentication gateway node 100 areexplained below with regard to FIGS. 4-10.

Referring to FIG. 1 and the related flowchart of FIG. 4, theauthentication gateway node 100 receives (block 400) an eCommerceauthentication request from the merchant node 120. The authenticationgateway node 100 processes (block 402) content of the eCommerceauthentication request through a non-linear analytical model (e.g., aneural network model) to generate a risk score, and selectively provides(block 404) the eCommerce authentication request to the authenticationnode 130 based on the risk score.

The non-linear analytical model has a non-linear relationship thatallows different output values to be generated from a sequence of cyclesof processing the same input values. Thus, repetitively processing thesame input value(s) through the non-linear analytical model can resultin output of different corresponding values.

Controlling which eCommerce authentication requests are provided to theauthentication node 130 based on the risk scores can effectivelyprioritize authenticating only the eCommerce authentication requeststhat appear to have a greater risk of originating from purchasers whoare not the account owner or otherwise authorized by the account ownerfor the purchase. The other eCommerce authentication requests can bypassauthentication by the authentication node 130, allowing verification bya credit/debit finance issuer node 140 (e.g., card issuing bank serversuch as a Visa or MasterCard member bank server) to proceed. Becausesome, and perhaps most, eCommerce authentication requests are notauthenticated by the authentication node 130, merchants can havesubstantially lower transaction costs (e.g., reduced per-transactionpurchaser authentication fees by a reduced number of authenticatedtransactions) and fewer transaction abandonments due to fewer purchasersbeing challenged to complete authentication processes.

The non-linear analytical model of the authentication gateway node 100generates the risk score based on content of the eCommerceauthentication request. Moreover as explained below, the non-linearanalytical model of the authentication gateway node 100 may generate therisk score based on a pattern of content items observed in eCommerceauthentication requests associated with a same account number, samefinancial account information, similar financial account informationthat satisfies a defined rule, and/or a same identified merchant node120. The pattern can be observable use of the same or similar financialcard information in financial transactions that were earlier completedand/or in financial transactions that are presently pending awaitingauthorization. Alternatively or additionally, the non-linear analyticalmodel of the authentication gateway node 100 may generate the risk scorebased on any one or more of:

-   -   1) a pattern of content items observed in simultaneously        occurring or nearly simultaneously occurring (e.g., occurring        within a threshold time) eCommerce authentication requests        associated with a same identified merchant node 120;    -   2) different identified merchant nodes 120 that have a common        characteristic (e.g., merchant characteristics, located in a        common defined geographic region, history of originating        fraudulent transactions, history of eCommerce authentication        requests that fail authentication, and/or common business        characteristics);    -   3) a same identifiable acquirer node 122;    -   4) different identifiable acquirer nodes 122 having a common        characteristic (e.g., bank category, located in a common defined        geographic region, history of being associated with fraudulent        transactions, and/or common business characteristics);    -   5) a same identifiable credit/debit finance issuer node 140; and    -   6) different identifiable credit/debit finance issuer nodes 140        having a common characteristic (e.g., common business        characteristics, located in a common defined geographic region,        history of receiving fraudulent transactions, and/or history of        performing chargebacks against merchant nodes 120).

The non-linear analytical model can be trained based on feedback thatcan include characteristics of (e.g., observable patterns in) contentearlier received in eCommerce authentication requests, and may includeresults of authentication processes performed on earlier eCommerceauthentication requests and associated characteristics of thoseeCommerce authentication requests. The characteristics may includeinformation identifying content of the eCommerce authenticationrequests, time of day when the eCommerce authentication requestoccurred, day of week when the eCommerce authentication requestoccurred. The non-linear analytical model may be alternatively oradditionally be trained to identify when eCommerce authenticationrequests have one or more of the following characteristics:

-   -   1) generated by the acquirer node 122 at a rate that is outside        an expected range (e.g., greater than a historical observed        upper rate from the acquirer node 122 for a particular time of        day and/or day or week/year);    -   2) associated with a same user terminal 110 and occurring at a        rate that greater than an expected rate arising from a same user        terminal (e.g., indication that eCommerce authentication        requests are being electronically generated by a possibly        malicious program instead of by a human purchaser);    -   3) associated with a same merchant node 120 and occurring at a        rate that is outside an expected range (e.g., greater than a        historical observed upper rate from the merchant node 120 and/or        other merchant nodes having similar characteristics as the        merchant node 120 for a particular time of day and/or day or        week/year); and    -   4) arising from a same geographic region, such as geographic        region of the user terminal 110, the merchant node 120, the        acquirer node 122, and/or the credit/debit finance issuer node        140, and occurring at a rate that is outside an expected range        (e.g., greater than a historical observed upper rate for a        particular time of day and/or day or week/year).

The non-linear analytical model can generate the risk score based oncontent (information contained) in a single eCommerce authenticationrequest or may generate the risk score based on comparison of contentbetween a plurality of eCommerce authentication requests that may havebeen earlier received and/or that may be received within a thresholdtime.

FIG. 2 is a block diagram illustrating further details of anauthentication portion of the financial transaction processing system ofFIG. 1 configured according to some embodiments. Referring to FIG. 2,the authentication gateway node 100 receives eCommerce authenticationrequests from a plurality of merchant nodes 120. The authenticationgateway node 100 processes content of each of the eCommerceauthentication requests through a non-linear analytical model 102 (e.g.,a neural network model) to generate risk scores for the eCommerceauthentication requests. The operations for generating a risk score canbe repeated (e.g., performed sequentially or simultaneously) for aplurality of eCommerce authentication requests receiving within athreshold time (e.g., simultaneously occurring or nearly simultaneouslyoccurring eCommerce authentication requests).

In one embodiment, the authentication gateway node 100 selects eCommerceauthentication requests from among the plurality of eCommerceauthentication requests to provide to the authentication node 130 basedon comparison of the risk scores for the plurality of eCommerceauthentication requests. The authentication gateway node 100 may selecta subset of the plurality of eCommerce authentication requestsassociated with risk scores indicating a higher likelihood of theirfailing authentication if provided to the authentication node 130, orotherwise indicate a level of trustworthiness that the eCommerceauthentication request originated from the account owner or anotherperson authorized by the account owner. Other eCommerce authenticationrequests that are not within the subset can have authenticationresponses generated and communicated to the respective merchant nodes120 without authentication processing by the authentication node 130(e.g., the authentication gateway node 100 and/or the authenticationnode 130 can generate an authentication response based on a risk scoreof generated from an eCommerce authentication request).

In one embodiment, when selectively providing the eCommerceauthentication request to the authentication node 130, theauthentication gateway node 100 may selectively mark the eCommerceauthentication request to indicate whether authentication of a person,who is associated with the eCommerce authentication request, by theauthentication node 130 is requested based on whether the risk scoresatisfies a defined rule. The authentication gateway node 130 thenperforms authentication processing (e.g., providing authenticationchallenges to purchasers) for only the eCommerce authentication requeststhat are marked for authentication. The authentication gateway node 130can then generate the authentication responses based on a result of theauthentication processing when performed, or based on the risk scorewhen authentication processing is not performed.

In another embodiment, when selectively providing the eCommerceauthentication request to the authentication node 130, theauthentication gateway node 100 selectively routes the eCommerceauthentication request to the authentication node 130 for authenticationof a person, who is associated with the eCommerce authenticationrequest, based on whether the risk score satisfies a defined rule.Accordingly, the authentication node 130 performs purchaserauthentication processes for each eCommerce authentication request thatit receives, however the authentication node 130 only receives eCommerceauthentication requests having risk scores that the authenticationgateway node 100 determined to satisfy a defined rule (e.g., having arisk score that exceeds a threshold level or alternatively that does notexceed a threshold level).

In another embodiment, the authentication node 130 can include some ofthe functionality described herein of the authentication gateway node100. The authentication node 130 can receive all eCommerceauthentication requests, but selectively generate an authenticationchallenge to the user equipment 110 (FIG. 1) to authenticate a person,who is associated with the transaction, only for eCommerceauthentication requests having risk scores that satisfy a defined rule.

The authentication gateway node 100 can include training circuitry 104(e.g., computer readable program code executed by a processor) thattrains the neural network model 102 based on feedback from the merchantnodes 120, the authentication node 130, and/or other components of thefinancial processing system (e.g., the acquirer node 122 and/or thecredit/debit finance issuer node 140). The training circuitry 104 maytrain the neural network model 102 based on feedback of results ofauthentication processes that have been performed and the associatedcharacteristics of the eCommerce authentication requests associated withthe authentication processes, which may include one or more of thecharacteristics explained above for FIG. 1 regarding training of thenon-linear analytical model of the authentication gateway node 100.

For example, the neural network model 102 may be trained based on acomparison of content of a plurality of eCommerce authenticationrequests that were provided to the authentication node 130 and feedbackof results of authentication processes performed by the authenticationnode 130 on the plurality of eCommerce authentication requests.Accordingly, the neural network model can learn over time to identifyparticular content or patterns of content occurring in a sequence ofeCommerce authentication requests and/or occurring across a plurality ofeCommerce authentication requests within a threshold time (e.g.,simultaneously occurring or nearly simultaneously occurring) that areindicative of a greater or lesser likelihood that the purchasersassociated with the eCommerce authentication requests will failauthentication if authentication processes are performed by theauthentication node 130 on the eCommerce authentication requests.

By way of further example, the training circuitry 104 may train theneural network model 102 using content of eCommerce authenticationrequests that have been determined to have failed authenticationprocesses by the authentication node 130, that resulted in a contestedcharge by account owners, nonpayment due to insufficient funds,fraudulent transaction against accounts which may be determined based oninformation provided by merchant nodes 120, the acquirer node 122,and/or the credit/debit finance issuer node 140.

The content of eCommerce authentication requests used to train theneural network model 102 may include one or more of account number(e.g., credit/debit card number), the expiration date for the card, theCVV, cardholder's name, cardholder's home address, purchaser's shippingaddress, the amount of the financial transaction, an identifier for thepurchaser's user terminal 110, characteristics of the purchaser's userterminal 110 (e.g., manufacturer, web browser characteristics, and/oroperational characteristics), the identifier for the merchant node 120,the identifier for the acquirer node 122, the identifier for thecredit/debit finance issuer node 140, a geographic region of: theaccount owner; purchaser's user terminal 110; merchant node 120;acquirer node 122; and/or the credit/debit finance issuer node 140. Thetraining circuitry 104 may train the neural network model 102 based onone or more of the characteristics explained above for FIG. 1 regardingtraining of the non-linear analytical model of the authenticationgateway node 100.

The neural network model 102 may, for example, receive hundreds orthousands of simultaneously occurring or nearly simultaneously occurringeCommerce authentication requests from tens, hundreds, or thousands ofdifferent merchant nodes 120, and generate risk scores that are used todetermine which of the eCommerce authentication requests will beprocessed by the authentication node 130 to authenticate associatedpurchasers (or other persons) associated with the eCommerceauthentication requests.

Alternatively or additionally, the neural network model 102 may, forexample, receive hundreds or thousands of sequentially occurringeCommerce authentication requests from a same one of the merchant nodes120, and generate risk scores for each of the eCommerce authenticationrequests based on content of previous occurring ones of the eCommerceauthentication requests in sequence. The resource score is used todetermine which of the eCommerce authentication requests will beprocessed by the authentication node 130 to authenticate associatedpurchasers associated with the eCommerce authentication requests.

The neural network model 102 or other circuitry of the authenticationgateway node 100 (e.g., comparison process performed by a processorcircuit) may compare the risk scores generated for a plurality ofeCommerce authentication requests to, for example, select a definednumber or percentage of the eCommerce authentication requests havingrisk scores that indicate a greater relative likelihood that thepurchasers associated with the eCommerce authentication requests willfail authentication relative to the non-selected eCommerceauthentication requests. Accordingly, instead of allowing all eCommerceauthentication requests to be processed by the authentication node 130for authentication, the authentication gateway node 100 can use theneural network model 102 to select a subset of the eCommerceauthentication requests that are to be processed by the authenticationnode 130 for authentication.

FIG. 3 is a block diagram of a neural network model 102 that can be usedin an authentication gateway node 100 to generate a risk score for aneCommerce authentication request. Referring to FIG. 3, the neuralnetwork model 102 includes an input layer having a plurality of inputnodes, a sequence of neural network layers each including a plurality ofweight nodes, and an output layer including an output node. In theparticular non-limiting example of FIG. 3, the input layer includesinput nodes I₁ to I_(N) (where N is any plural integer). A first one ofthe sequence of neural network layers includes weight nodes N_(1L1)(where “1L1” refers to a first weight node on layer one) to N_(XL1)(where X is any plural integer). A last one (“Z”) of the sequence ofneural network layers includes weight nodes N_(1LZ) (where Z is anyplural integer) to N_(YLZ) (where Y is any plural integer). The outputlayer includes an output node O.

The neural network model 102 of FIG. 3 is an example that has beenprovided for ease of illustration and explanation of one embodiment.Other embodiments may include any non-zero number of input layers havingany non-zero number of input nodes, any non-zero number of neuralnetwork layers having a plural number of weight nodes, and any non-zeronumber of output layers having any non-zero number of output nodes. Thenumber of input nodes can be selected based on the number of eCommerceauthentication requests that are to be simultaneously processed, and thenumber of output nodes can be similarly selected based on the number ofrisk scores that are to be simultaneously generated therefrom.

The neural network model 102 can be trained based on feedback fromresults of earlier authentication processes performed on eCommerceauthentication requests having defined content or other characteristicsand/or based on eCommerce authentication requests that were input to theneural network model 102. Training of the neural network model 102 caninclude adapting (defining/adjusting) weight values used by the weightnodes to combine values from input nodes and/or from other weight nodesto generate combined values that can be provided to other weight nodesor to the output node.

Referring to FIG. 3 and the flowchart of FIG. 5 of an embodiment, theneural network model 102 can be operated to process (block 500) aplurality of content items of an eCommerce authentication requestthrough different inputs (e.g., input nodes I₁ to I_(N)) to generate arisk score. The contents items associated with an eCommerceauthentication request that can be simultaneously processed throughdifferent input nodes I₁ to I_(N) may include any one or more of:

-   -   1) account number (e.g., credit/debit card number);    -   2) the expiration date for the card;    -   3) verification value (e.g., CVV);    -   4) cardholder's name;    -   5) the cardholder's home address;    -   6) the purchaser's shipping address;    -   7) amount of the financial transaction;    -   8) identifier for the purchaser's user terminal;    -   9) characteristics of the purchaser's user terminal (e.g.,        manufacturer, web browser characteristics, and/or operational        characteristics);    -   10) network address of the purchaser's user terminal;    -   11) geographic region of the purchaser's user terminal;    -   12) identifier for the merchant node 120;    -   13) a geographic region of the merchant node 120;    -   14) identifier for the acquirer node 122;    -   15) time of transaction;    -   16) date of transaction;    -   17) a geographic region of the acquirer node 122; and    -   18) a geographic region of the credit/debit finance issuer node        140.

By way of example, the account number can be provided to input node I₁,the expiration date for the card can be provided to input node I₂, theCVV can be provided to input node I₃, the amount of the financialtransaction can be provided to input node I₄, the identifier for themerchant node 120 can be provided to input node I₅, the purchaser's namecan be provided to input node I₆, an identifier of the purchaser's userterminal 110 can be provided to input node I₇, the cardholder's homeaddress can be provided to input node I₈, the purchaser's shippingaddress can be provided to input node I₉, a geographic region of themerchant node 120 can be provided to input node I₁₀, a geographic regionof the acquirer node 122 can be provided to input node I₁₁, a geographicregion of the credit/debit finance issuer node 140 can be provided toinput node I₁₂, and characteristics of the purchaser's user terminal canbe provided to input node I₁₃.

Items of content of other eCommerce authentication requests occurringsimultaneously or within a threshold time can be similarly provided tofurther groups of input nodes (e.g., group I₁₄-I₂₆, group I₂₇-I₃₉,etc.). In this particular example, the content items associated with 100different eCommerce authentication requests can be simultaneously ornearly simultaneously provided to an array of 1300 input nodes I (e.g.,100 eCommerce authentication requests, each having 13 content items).The weight nodes N of a plurality of neural network layers can processvalues output by the input nodes I to generate combined values that areprovided to an array of output nodes O. The number of output nodes maybe the same as the number of eCommerce authentication requests that aresimultaneously processed by the neural network model 102, with each ofthe output nodes outputting a risk score for a different one of theeCommerce authentication requests. Thus, when the neural network model102 is configured to simultaneously process 100 different eCommerceauthentication request, 100 output nodes O can be provided to eachoutput a risk score for a different one of the 100 eCommerceauthentication requests.

The interconnected structure between the input nodes, the weight nodesof the neural network layers, and the output nodes causes thecharacteristics of each eCommerce authentication request to influencethe risk score generated for all of the other eCommerce authenticationrequests that are simultaneously processed. The risk scores generated bythe neural network model 102 may thereby identify a comparativeprioritization of which of the eCommerce authentication requests havecharacteristics that provide a higher/lower likelihood of theirfailing/passing authentication if provided to the authentication node130, or otherwise indicate a level of trustworthiness that the eCommerceauthentication request originated from the account owner or anotherperson authorized by the account owner. The authentication gateway node100 can thereby select a group of the eCommerce authentication requestshaving an upper or lower range of the generated risk scores, and providethe selected group of eCommerce authentication request to theauthentication node 130 for authentication processing. In sharpcontrast, the other eCommerce authentication requests outside theselected group are not provided to the authentication node 130 forauthentication processing, but instead have authentication responsesgenerated based on their credit scores.

The neural network model 102 can be trained (block 502) based oncomparison of content of a plurality of eCommerce authenticationrequests provided to the authentication node 130 and feedback of resultsof authentication processes performed by the authentication node 130 onthe plurality of eCommerce authentication requests and/or based onfeedback information provided by the merchant node 120, the acquirernode 122, and/or the credit/debit finance issuer node 140 as disclosedherein.

Referring to FIG. 3 and the flowchart of FIG. 6 of an embodiment, theneural network model 102 operates to process (block 600) a plurality ofcontent items of a plurality of eCommerce authentication requests,received within a threshold time, through different inputs of the neuralnetwork model 102 to generate the risk score. The neural network model102 mathematically combines (block 602) values of content items fromdefined ones of the inputs of the neural network using weight values togenerate a risk score for each of the plurality of eCommerceauthentication requests (e.g., sum values of the content items togenerate a summed value that is multiplied by a weight value to generatethe risk score). The neural network model 102 selects (block 604)eCommerce authentication requests from among the plurality of eCommerceauthentication requests to provide to the authentication node 130 basedon comparison of the risk scores for the plurality of eCommerceauthentication requests.

The neural network model 102 can operate to adapt (block 606) the weightvalues (e.g., via the training circuit 104 of FIG. 2) based on feedbackof results of authentication processes performed by the authenticationnode 130 on eCommerce authentication requests and/or based on based onfeedback information received from the merchant node 120, the acquirernode 122, and/or the credit/debit finance issuer node 140 that definescharacteristics of future authentication requests that needauthentication. The weight values may be adapted based on feedbackinformation received from a plurality of finance issuer nodes 140 thatdefines characteristics of future authentication requests that needauthentication. The weight values may be adapted based on feedback ofcharacteristics of eCommerce authentication requests that may includeone or more of the characteristics explained above for FIG. 1 regardingtraining of the non-linear analytical model of the authenticationgateway node 100.

Referring to FIG. 3 and the flowchart of FIG. 7, in a further embodimentthe neural network model 102 operates (block 700) the input nodes of theinput layer to each receive a different one of the content items of aneCommerce authentication request and output a value. The neural networkmodel 102 operates (block 702) the weight nodes of the first one of thesequence of neural network layers using weight values to mathematicallycombine values that are output by the input nodes to generate combinedvalues. Each of the weight nodes of the first layer may, for example,sum the values that are output by the input nodes, and multiply thesummed result by a weight value that can be separately defined for eachof the weight nodes (and may thereby be different between the weightnodes on a same layer) to generate one of the combined values.

The neural network model 102 operates (block 704) the weight nodes ofthe last one of the sequence of neural network layers using weightvalues to mathematically combine the combined values from a plurality ofweight nodes of a previous one of the sequence of neural network layersto generate combined values. Each of the weight nodes of the last layermay, for example, sum the combined values from a plurality of weightnodes of a previous one of the sequence of neural network layers, andmultiply the summed result by a weight value that can be separatelydefined for each of the weight nodes (and may thereby be differentbetween the weight nodes on a same layer) to generate one of thecombined values.

The neural network model 102 operates (block 706) the output node “O” ofthe output layer to combine the combined values from the weight nodes ofthe last one of the sequence of neural network layers to generate therisk score.

FIGS. 8-10 illustrate flowcharts of further operations that can beperformed (e.g., by a training circuit) to train a neural network modelbased on feedback from a merchant node 120, an acquirer node 122, acredit/debit finance issuer node 140, and/or any other element/node of afinancial transaction processing system, according to various furtherembodiments.

Referring to FIG. 8, the weight values of the weight nodes of at leastone of the neural network layers are adapted (block 800), such as by thetraining circuit 104 of FIG. 2, based on feedback of results ofauthentication processes performed by the authentication node 130 oneCommerce authentication requests.

Referring to FIG. 9, the weight values of the weight nodes of at leastone of the neural network layers are adapted (block 900) based onfeedback information received from a merchant node that definescharacteristics of future authentication requests needingauthentication.

Referring to FIG. 10, the weight values of the weight nodes of differentones of the neural network layers are adapted (block 1000) based onfeedback information received from corresponding different merchantnodes that defines characteristics of future authentication requestsneeding authentication.

FIG. 11 is a block diagram of a computer system 1100 that may be used asan authentication gateway node 100, an authentication node 130, amerchant node 120, an acquirer node 122, a user terminal 110, and/or acredit/debit finance issuer node 140 to perform the operations of one ofmore of the embodiments disclosed herein for one or more of thoseelements. The computer system 1100 can include one or more networkinterface circuits 1130, one or more processor circuits 1110 (referredto as “processor” for brevity), and one or more memory circuits 1120(referred to as “memory” for brevity) containing program code 1122.

Although various embodiments have been disclosed herein for training theneural network model or, more generally, the non-linear analytical model100 while it is processing eCommerce authentication requests frommerchant nodes 120 which are operationally waiting for correspondingauthentication responses, in some other embodiments the training isperformed offline. For example, the training may be performed duringproduction of the non-linear analytical model before its incorporationinto an operational authentication gateway node 100 and/or the trainingmay be performed while an authentication gateway node 100 is notactively processing eCommerce authentication requests from merchantnodes 120 awaiting authentication responses, such as while maintenanceor other offline processes are performed on the authentication gatewaynode 100.

The processor 1110 may include one or more data processing circuits,such as a general purpose and/or special purpose processor (e.g.,microprocessor and/or digital signal processor) that may be collocatedor distributed across one or more networks. The processor 1110 isconfigured to execute program code 1122 in the memory 1120, describedbelow as a computer readable storage medium, to perform some or all ofthe operations for one or more of the embodiments disclosed herein.

A neural network of the authentication gateway node 100 may beimplemented by the program code 1122 executed by the processor 1110and/or may be implemented by other circuits that can include, but arenot limited to, a digital gate array and/or analog circuits.

Further Definitions and Embodiments

In the above-description of various embodiments of the presentdisclosure, aspects of the present disclosure may be illustrated anddescribed herein in any of a number of patentable classes or contextsincluding any new and useful process, machine, manufacture, orcomposition of matter, or any new and useful improvement thereof.Accordingly, aspects of the present disclosure may be implemented inentirely hardware, entirely software (including firmware, residentsoftware, micro-code, etc.) or combining software and hardwareimplementation that may all generally be referred to herein as a“circuit,” “module,” “component,” or “system.” Furthermore, aspects ofthe present disclosure may take the form of a computer program productcomprising one or more computer readable media having computer readableprogram code embodied thereon.

Any combination of one or more computer readable media may be used. Thecomputer readable media may be a computer readable signal medium or acomputer readable storage medium. A computer readable storage medium maybe, for example, but not limited to, an electronic, magnetic, optical,electromagnetic, or semiconductor system, apparatus, or device, or anysuitable combination of the foregoing. More specific examples (anon-exhaustive list) of the computer readable storage medium wouldinclude the following: a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), an appropriateoptical fiber with a repeater, a portable compact disc read-only memory(CD-ROM), an optical storage device, a magnetic storage device, or anysuitable combination of the foregoing. In the context of this document,a computer readable storage medium may be any tangible medium that cancontain, or store a program for use by or in connection with aninstruction execution system, apparatus, or device.

A computer readable signal medium may include a propagated data signalwith computer readable program code embodied therein, for example, inbaseband or as part of a carrier wave. Such a propagated signal may takeany of a variety of forms, including, but not limited to,electro-magnetic, optical, or any suitable combination thereof. Acomputer readable signal medium may be any computer readable medium thatis not a computer readable storage medium and that can communicate,propagate, or transport a program for use by or in connection with aninstruction execution system, apparatus, or device. Program codeembodied on a computer readable signal medium may be transmitted usingany appropriate medium, including but not limited to wireless, wireline,optical fiber cable, RF, etc., or any suitable combination of theforegoing.

Computer program code for carrying out operations for aspects of thepresent disclosure may be written in any combination of one or moreprogramming languages, including an object oriented programming languagesuch as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C++, C#, VB.NET,Python or the like, conventional procedural programming languages, suchas the “C” programming language, Visual Basic, Fortran 2003, Perl, COBOL2002, PHP, ABAP, dynamic programming languages such as Python, Ruby andGroovy, or other programming languages. The program code may executeentirely on the user's computer, partly on the user's computer, as astand-alone software package, partly on the user's computer and partlyon a remote computer or entirely on the remote computer or server. Inthe latter scenario, the remote computer may be connected to the user'scomputer through any type of network, including a local area network(LAN) or a wide area network (WAN), or the connection may be made to anexternal computer (for example, through the Internet using an InternetService Provider) or in a cloud computing environment or offered as aservice such as a Software as a Service (SaaS).

Aspects of the present disclosure are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of thedisclosure. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer program instructions. These computer program instructions maybe provided to a processor of a general purpose computer, specialpurpose computer, or other programmable data processing apparatus toproduce a machine, such that the instructions, which execute via theprocessor of the computer or other programmable instruction executionapparatus, create a mechanism for implementing the functions/actsspecified in the flowchart and/or block diagram block or blocks.

These computer program instructions may also be stored in a computerreadable medium that when executed can direct a computer, otherprogrammable data processing apparatus, or other devices to function ina particular manner, such that the instructions when stored in thecomputer readable medium produce an article of manufacture includinginstructions which when executed, cause a computer to implement thefunction/act specified in the flowchart and/or block diagram block orblocks. The computer program instructions may also be loaded onto acomputer, other programmable instruction execution apparatus, or otherdevices to cause a series of operational steps to be performed on thecomputer, other programmable apparatuses or other devices to produce acomputer implemented process such that the instructions which execute onthe computer or other programmable apparatus provide processes forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks.

It is to be understood that the terminology used herein is for thepurpose of describing particular embodiments only and is not intended tobe limiting of the invention. Unless otherwise defined, all terms(including technical and scientific terms) used herein have the samemeaning as commonly understood by one of ordinary skill in the art towhich this disclosure belongs. It will be further understood that terms,such as those defined in commonly used dictionaries, should beinterpreted as having a meaning that is consistent with their meaning inthe context of this specification and the relevant art and will not beinterpreted in an idealized or overly formal sense expressly so definedherein.

The flowchart and block diagrams in the figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousaspects of the present disclosure. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof code, which comprises one or more executable instructions forimplementing the specified logical function(s). It should also be notedthat, in some alternative implementations, the functions noted in theblock may occur out of the order noted in the figures. For example, twoblocks shown in succession may, in fact, be executed substantiallyconcurrently, or the blocks may sometimes be executed in the reverseorder, depending upon the functionality involved. It will also be notedthat each block of the block diagrams and/or flowchart illustration, andcombinations of blocks in the block diagrams and/or flowchartillustration, can be implemented by special purpose hardware-basedsystems that perform the specified functions or acts, or combinations ofspecial purpose hardware and computer instructions.

The terminology used herein is for the purpose of describing particularaspects only and is not intended to be limiting of the disclosure. Asused herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising,” when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof. As used herein, the term “and/or”includes any and all combinations of one or more of the associatedlisted items. Like reference numbers signify like elements throughoutthe description of the figures.

The corresponding structures, materials, acts, and equivalents of anymeans or step plus function elements in the claims below are intended toinclude any disclosed structure, material, or act for performing thefunction in combination with other claimed elements as specificallyclaimed. The description of the present disclosure has been presentedfor purposes of illustration and description, but is not intended to beexhaustive or limited to the disclosure in the form disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope and spirit of thedisclosure. The aspects of the disclosure herein were chosen anddescribed in order to best explain the principles of the disclosure andthe practical application, and to enable others of ordinary skill in theart to understand the disclosure with various modifications as aresuited to the particular use contemplated.

The invention claimed is:
 1. A method of operating a computer systemcomprising: performing by a processor of an authentication gatewaycomputer server: receiving, through a network interface of theauthentication gateway computer server, an eCommerce authenticationrequest from a merchant web server; processing a plurality of contentitems contained in the eCommerce authentication request throughdifferent inputs of a neural network model to generate a risk score,wherein the neural network model comprises an input layer comprisinginput nodes, a sequence of neural network layers each comprising aplurality of weight nodes, and an output layer comprising an outputnode, wherein the processing a plurality of content items contained inthe eCommerce authentication request through different inputs of aneural network model to generate a risk score comprises: operating theinput nodes of the input layer to each receive a different one of thecontent items of the eCommerce authentication request and output avalue; operating the weight nodes of a first one of the sequence ofneural network layers using weight values to mathematically combinevalues that are output by the input nodes; operating the weight nodes ofa last one of the sequence of neural network layers using weight valuesto mathematically combine values output by a plurality of weight nodesof a previous one of the sequence of neural network layers; andoperating the output node of the output layer to combine values outputby the weight nodes of the last one of the sequence of neural networklayers to generate the risk score; and selectively routing, based onwhether the risk score satisfies a defined rule, the eCommerceauthentication request through the network interface of theauthentication gateway computer server toward an authentication computerserver, separate from the authentication gateway con titer server, foradditional authentication, wherein selectively routing the eCommerceauthentication request through the network interface of theauthentication gateway computer server to the authentication computerserver for additional authentication comprises: responsive to the riskscore failing to satisfy the defined rule, generating a successfulresponse for the eCommerce authentication request to the merchant webserver without sending, the eCommeree authentication request to theauthentication computer server, wherein the successful response isgenerated to appear to originate from the authentication computerserver, and responsive to the risk score satisfying the defined rule,transferring the eCommerce authentication request to the authenticationcomputer server.
 2. The method of claim 1, further comprising:generating risk scores for a plurality of eCommerce authenticationrequests received within a threshold time from a plurality of merchantweb servers by processing content items of the plurality of eCommerceauthentication requests through different inputs of the neural networkmodel; comparing the risk scores for the plurality of eCommerceauthentication requests; selecting a subset of the plurality ofeCommeree authentication requests associated with risk scores indicatinga higher likelihood of their failing authentication if provided to theauthentication computer server; and routing the subset of the pluralityof eCommerce authentication requests through the network interface ofthe authentication gateway computer server toward the authenticationcomputer server, and not routing the plurality of eCommerceauthentication requests that are not within the subset through thenetwork interface of the authentication gateway computer server towardthe authentication computer server.
 3. The method of Claim. 2, whereinrouting the subset of the plurality of eCommerce authentication requeststhrough the network interface of the authentication gateway computerserver toward the authentication computer server, and not routing theplurality of eCommerce authentication requests that are not within thesubset through the network interface of the authentication gatewaycomputer server toward the authentication computer server, comprises:communicating, through the network interface of the authenticationgateway computer server, authentication responses toward the merchantweb servers from which the plurality of eCommerce authenticationrequests that are not within the subset were received.
 4. The method ofclaim 1, further comprising: training the neural network model based oncomparison of content of a plurality of eCommerce authenticationrequests provided to the authentication computer server and feedback ofresults of authentication processes performed by the authenticationcomputer server on the plurality of eCommerce authentication requests.5. The method of claim 1, further comprising: processing a plurality ofcontent items of a plurality of eCommerce authentication requests,received within a threshold time, through different inputs of the neuralnetwork model to generate the risk score.
 6. The method of claim 5,wherein processing a plurality of content items of a plurality ofeCommerce authentication requests, received within a threshold time,through different inputs of the neural network model to generate therisk score, comprises: mathematically combining values of content itemsfrom defined ones of the inputs of the neural network model using weightvalues to generate a risk score for each of the plurality of eCommerceauthentication requests; and selecting eCommerce authentication requestsfrom among the plurality of eCommerce authentication requests to provideto the authentication computer server based on comparison of the riskscores for the plurality of eCommerce authentication requests.
 7. Themethod of claim 6, further comprising: adapting the weight values basedon feedback of results of authentication processes performed by theauthentication computer server on eCommerce authentication requests. 8.The method of claim 6, further comprising: adapting the weight valuesbased on feedback information received from a finance issuer node thatdefines characteristics of future eCommerce authentication requests thatneed authentication.
 9. The method of claim 1, further comprising;adapting the weight values of the weight nodes of different ones of theneural network layers based on feedback information received fromcorresponding different merchant web servers that definescharacteristics of future eCommerce authentication requests needingauthentication.
 10. The method of Claim 1, further comprising:performing by a processor of the authentication computer server:receiving through a network interface of the authentication computerserver, the eCommerce authentication request; responsive to theeCommerce authentication request, communicating an authenticationchallenge message through the network interface of the authenticationcomputer server toward user equipment of a person, who is associatedwith the eCommerce authentication request; receiving an authenticationresponse message through the network interface of the authenticationcomputer server from the user equipment, the authentication responsemessage containing a security code; generating an authenticationresponse based on it result of comparing the security code contained inthe authentication response message to an expected code; andcommunicating the authentication response through a network interface ofhe authentication computer server toward the merchant web server. 11.The method of claim 10, wherein: the authentication computer servercomprises a 3-D Secure authentication server; the communicating anauthentication challenge message through the network interface of theauthentication computer server toward user equipment of a person, who isassociated with the eCommerce authentication request, comprises:communicating the authentication challenge message through the networkinterface of the authentication computer server as an Extensible MarkupLanguage (XML) message through a secure socket layer (SSL) connectionestablished between the authentication computer server and the userequipment; and the receiving an authentication response message throughthe network interface of the authentication computer server from theuser equipment, the authentication response message containing asecurity code, comprises; receiving the authentication response messagethrough the network interface of the authentication computer server asan XML message through the SSE connection established between theauthentication computer server and the user equipment.
 12. The method ofclaim 1, wherein the output layer comprises a plurality of output nodes,the method further comprising: generating risk scores for a plurality ofeCommerce authentication requests received within a threshold time froma plurality of merchant web servers by processing content items of theplurality of eCommerce authentication requests through different inputsof the neural network model, wherein processing the content itemscomprises: operating groups of the input nodes of the input layer soeach group receives content items of different ones of the plurality ofeCommerce authentication requests, wherein the input nodes within eachgroup each receive different content items of a same one of theplurality of eCommerce authentication requests; operating the weightnodes of the first one of the sequence of neural network layers usingthe weight values to mathematically combine values that are output bythe input nodes; operating the weight nodes of the last one of thesequence of neural network layers using the weight values tomathematically combine values output by the plurality of weight nodes ofthe previous one of the sequence of neural network layers; and operatinga number of the output nodes of the output layer that matches a numberof the plurality of eCommerce authentication requests to combine valuesoutput by the weight nodes of the last one of the sequence of neuralnetwork layers to generate the risk scores, wherein each of the outputnodes of the output layer generates the risk score for a different oneof the plurality of eCommerce authentication requests.
 13. The method ofclaim 12, wherein the weight nodes of at least one of the sequence ofneural network layers that is located between the first one of thesequence of neural network layers and the last one of the sequence ofneural network layers, are each connected to combine values output byeach of the plurality of weight nodes of a previous one of the sequenceof neural network layers so the content items of all of the plurality ofeCommerce authentication requests influences values that are output byeach of the weight nodes of the at least one of the sequence of neuralnetwork layers.
 14. A computer system comprising an authenticationgateway computer server comprising; a network interface; a processor;and a memory coupled to the processor and comprising computer readableprogram code that when executed by the processor of the authenticationgateway computer server causes the processor to perform operationscomprising: receiving through the network interface of theauthentication gateway computer server an eCommerce authenticationrequest from a merchant web server; processing a plurality of contentitems contained in the eCommerce authentication request throughdifferent inputs of a neural network model to generate a risk score,wherein the neural network model comprises an input layer comprisinginput nodes, a sequence of neural network layers each comprising aplurality of weight nodes, and an output layer comprising an outputnode, wherein the processing a plurality of content items contained inthe eCommerce authentication request through different inputs of aneural network model to generate a risk score comprises: operating theinput nodes of the input layer to each receive a different one of thecontent items of the eCommerce authentication request and output avalue; operating the weight nodes of a first one of the sequence ofneural network layers using weight values to mathematically combinevalues that are output by the input nodes; operating the weight nodes ofa last one of the sequence of neural network layers using weight valuesto mathematically combine values output by a plurality of weight nodesof a previous one or the sequence of neural network layers; andoperating the output node of the output layer to combine values outputby the weight nodes of the last one of the sequence of neural networklayers to generate the risk score; and selectively routing, based onwhether the risk score satisfies a defined rule, the eCommerceauthentication request through the network interface of theauthentication gateway computer server toward an authentication computerserver, separate from the authentication gateway computer server, foradditional authentication, wherein selectively routing the eCommerceauthentication request through the network interface of theauthentication gateway computer server to the authentication computerserver for additional authentication comprises: responsive to the riskscore failing to satisfy the defined rule, generating a successfulresponse forth eCommerce authentication request to the merchant webserver without sending the eCommerce authentication request to theauthentication computer server,  wherein the successful responsegenerated to appear to originate from the authentication computerserver, and responsive to the risk score satisfying the defined rule,transferring the eCommerce authentication request to the authenticationcomputer server.
 15. The computer system of claim 14, wherein theoperations by the processor of the authentication gateway computerserver further comprise: generating risk scores for a plurality ofeCommerce authentication requests received within a threshold time froma plurality of merchant web servers by processing content items of theplurality of eCommerce authentication requests through different inputsof the neural network model; comparing the risk scores for the pluralityof eCommerce authentication requests; selecting a subset of theplurality of eCommerce authentication requests associated with risk,scores indicating a higher likelihood of their failing authentication ifprovided to the authentication computer server; and routing the subsetof the plurality of eCommerce authentication requests, through thenetwork interface of the authentication gateway computer server, towardthe authentication computer server, and not muting the plurality ofeCommerce authentication requests that are not within the subset,through the network interface of the authentication gateway computerserver, toward the authentication computer server.
 16. The computersystem of claim 15, wherein routing the subset of the plurality ofeCommerce authentication requests, through the network interface of theauthentication gateway computer server, toward the authenticationcomputer server, and not routing the plurality of eCommerceauthentication requests that are not within the subset, through thenetwork interface, of the authentication gateway computer server, towardthe authentication computer server, comprises: communicating, throughthe network interface of the authentication gateway computer server,authentication responses toward the merchant web servers from which theplurality of eCommerce authentication requests that are not within thesubset were received.
 17. The computer system of claim 14, furthercomprising: the authentication computer server comprising: a networkinterface; a processor; and a memory coupled to the processor andcomprising computer readable program code that when executed by theprocessor of the authentication computer server causes the processor toperform operations comprising: receiving through the network interfaceof the authentication computer server, the eCommerce authenticationrequest; responsive to the eCommerce authentication request,communicating an authentication challenge message through the networkinterface of the authentication computer server toward user equipment ofa person, who is associated with the eCommerce authentication request;receiving an authentication, response message through the networkinterface of the authentication computer server from the user equipment,the authentication response message containing a security code;generating an authentication response based on a result of comparing thesecurity code contained in the authentication response message to anexpected code; and communicating the authentication response through anetwork interface of the authentication computer server toward themerchant web server.
 18. The computer system of claim 17, wherein: theauthentication computer server comprises a 3-D Secure authenticationserver; the communicating an authentication challenge message throughthe network interface of the authentication computer server toward userequipment of a person, who is associated with the eCommerceauthentication request, comprises: communicating the authenticationchallenge message through the network interface of the authenticationcomputer server as an Extensible Markup Language (XML) message through asecure socket layer (SSL) connection established between theauthentication computer server and the user equipment; and the receivingan authentication response message through the network interface of theauthentication computer server from the user equipment, theauthentication response message containing a security code, comprises:receiving the authentication response message through the networkinterface of the authentication computer server as an XML messagethrough the SSL connection established between the authenticationcomputer server and the user equipment.
 19. The computer system of claim14, wherein the output layer comprises a plurality of output nodes, theoperations further comprising: generating risk scores for a plurality ofeCommeree authentication requests received within a threshold time froma plurality of merchant web servers by processing content items of theplurality of eCommerce authentication requests through different inputsof the neural network model, wherein processing the content itemscomprises: operating groups of the input nodes of the input layer soeach group receives content items of different ones of the plurality ofeCommerce authentication requests, wherein the input nodes within eachgroup each receive different content items of a same one of theplurality of eCommerce authentication requests; operating the weightnodes of the first one of the sequence of neural network layers usingthe weight values to mathematically combine values that are output bythe input nodes; operating the weight nodes of the last one of thesequence of neural network layers using the weight values tomathematically combine values output by the plurality of weight nodes ofthe previous one of the sequence of neural network layers; and operatinga number of the output nodes of the output layer that matches a numberof the plurality of eCommerce authentication requests to combine valuesoutput by the weight nodes of the last one of the sequence of neuralnetwork layers to generate the risk scores, wherein each of the outputnodes of the output layer generates the risk score for a different oneof the plurality of eCommerce authentication requests.
 20. The method ofclaim 19, wherein the weight nodes of at least one of the sequence ofneural network layers that is located between the first one of thesequence of neural network layers and the last one of the sequence ofneural network layers, are each connected to combine values output byeach of the plurality of weight nodes of a previous one of the sequenceof neural network layers so the content items of all of the plurality ofeCommerce authentication requests influences values that are output byeach of the weight nodes of the at least one of the sequence of neuralnetwork layers.